Vendor
medium
advisory
Netty DNS Codec Input Validation Bypass Vulnerability
2 rules 1 TTPNetty's DNS codec fails to enforce RFC 1035 domain name constraints, leading to potential DNS cache poisoning, denial-of-service, and domain validation bypass through null byte injection, overlength labels, silent truncation, and unbounded memory allocation.
Netty 4.2.12.Final
netty
dns
vulnerability
cache-poisoning
2r
1t
medium
advisory
Netty epoll Transport Denial of Service via RST on Half-Closed TCP Connection
2 rules 1 TTPNetty's epoll transport fails to properly close TCP connections that receive a RST after a half-close, leading to resource exhaustion and potential CPU busy-loops, impacting service availability.
netty-transport-native-epoll
denial-of-service
netty
epoll
resource-exhaustion
2r
1t
medium
advisory
Netty HTTP/3 QPACK Literal Unbounded Allocation Vulnerability
3 rules 1 TTPA vulnerability in Netty's HTTP/3 QPACK decoder allows an attacker to cause a denial of service by sending a crafted HTTP/3 header that triggers excessive memory allocation, leading to a server crash.
netty-codec-http3
netty
http3
qpack
denial-of-service
vulnerability
3r
1t